[Avcheck] Postfix unexpected crach on debian Woody - AVP + Avcheck

Michael Tokarev mjt@tls.msk.ru
Sat, 13 Jul 2002 02:09:15 +0400 

Sébastien Desse wrote:
> 
> Hi,
> 
> I'm using postfix distribution from woody, I've experienced a service crach
> that I don't understand.

It seems you understand the word "to crash" somewhat differently... ;)
I can understand than e.g. a filesystem crashed leaving your data
unrecoverable, or a hardware crashed in flame.

> Could you please give me inforamations or tell me if this problem is already
> known.
> 
> I asked to postfix guys if they know why it crached and they told me that it
> is probably an avcheck error,

Too bad I'm unable to read postfix-users.

> see line :
> Jul 11 18:17:05 SV000015 postfix/pipe[14046]: B84BD3FEE:
> to=<jeanma@MYDOMAIN.fr>, relay=avcheck, delay=1062, status=deferred
> (temporary failure. Command output: avcheck: unable to read smtp response:
> Connection reset by peer )

Please note that this is not a "crash".  Your mail was not lost, it is
deffered.

Let me see your post(s) at postfix-users...  Wait a moment...  Ok, found it.
Oh ma.  You have some serious problem.  Unfortunately (1), it is not related
to avcheck.  I'll answer at postfix-users, but see below for some comments.

(1) unfortunately here is because overwise, it should be simple to fix.

> Do U think that it is the real cause of the crach ?
> 
> I use in master.cf :
> localhost:10025 inet    n       -       n       -       -       smtpd
> without the '-o content_filter=' do U think that it is why it crached ?
> I don't use any other content filter.

No, not at all.  This is pretty normal - you defined content_filter to
be non-empty only for your main smtp daemon, so you don't need to
overwrite this value for your internal reinjection point shown above.
In contrast, you may define content_filter in main.cf (to be applied to
all postfix agents) - in *that* case, you need to overwrite this value
for your internal reinjection point.  The way you choosed is pretty ok.

[]
> Everything was OK 3 weeks long and on July 11 at 17:59 the system crached...

Ok, now I see what do you mean using the word "crashed".  Your whole
mail system was crashed, i.e. went down.  Not good, and avcheck just
has no way to do so harmful things to postfix - it has no rights to
do that.

[]
> master.cf (partial)
> 
> # ==========================================================================
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (50)
> # ==========================================================================
> smtp      inet  n       -       -       -       -       smtpd
>   -o content_filter=avcheck
>   -o filter_destination_recipient_limit=1

What's for - this last parameter?  This is completely irrelevant here
(i.e. not related to a problem), but 1) this parameter is ignored
(not used) by smtpd (only possible usage is by qmgr), and it is
ignored by *all* postfix components, because there is no such transport
named `filter'.

> #628      inet  n       -       -       -       -       qmqpd
> pickup    fifo  n       -       -       60      1       pickup
> cleanup   unix  n       -       -       -       0       cleanup
> qmgr      fifo  n       -       -       300     1       qmgr
> #qmgr     fifo  n       -       -       300     1       nqmgr
> rewrite   unix  -       -       -       -       -       trivial-rewrite
> bounce    unix  -       -       -       -       0       bounce
> defer     unix  -       -       -       -       0       bounce
> flush     unix  n       -       -       1000?   0       flush
> smtp      unix  -       -       -       -       -       smtp
> showq     unix  n       -       -       -       -       showq
> error     unix  -       -       -       -       -       error
> local     unix  -       n       n       -       -       local
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       n       -       -       lmtp
> 
> # AVP config
> localhost:10025 inet    n       -       n       -       -       smtpd
> avcheck unix    -       n       n       -       5       pipe
>   flags=q user=avclient argv=/var/spool/avp/avcheck
>   -d /var/spool/avp/./tst -s AVP:/var/spool/avp/ctl/AvpCtl
>   -f ${sender} -S :10025 -- ${recipient}

Looks good.

> ___________________________________________________________________________
> 
> main.cf (full)
> 
> # Do not change these directory settings - they are critical to Postfix
> # operation.
> command_directory = /usr/sbin
> daemon_directory = /usr/lib/postfix
> program_directory = /usr/lib/postfix
> 
> smtpd_banner = $myhostname ESMTP $mail_name
> setgid_group = postdrop
> biff = no
> myhostname = SV000015.intranet.MYDOMAIN.fr
> alias_maps = hash:/etc/aliases
> alias_database = hash:/etc/aliases
> local_transport = error:local mail delivery is disabled on this machine

Are you sure this will work?  I.e. multiword value?  (I don't
know).

/mjt